DETAILED ACTION

This communication is in response to the application filed on August 25, 2003. 
The application has been examined. Claims 1-17, of which claim 1 is in independent 
form, are pending in this Office Action. 

Election / Restrictions

The Office mailed out a restriction requirement on June 25, 2007 requiring the 
applicant to elect either claims 1 - 17 or 18 - 39 as required under 35 U.S.C. 121. 

The applicant responded on July 25, 2007 by electing claims 1-17 with 
traverse. 

Information Disclosure Statement 

The information disclosure statement filed on October 19, 2006 is in compliance 
with the provisions of 37 CFR 1.97, 1.98 and MPEP § 609. It has been placed in the
application file and the information referred to therein has been considered as to the 
merits. 

Status of Claims 

Claims 1 - 17 are rejected under 35 U.S.C. 112, second paragraph. Claims 1 - 
17 are rejected under 35 U.S.C. 103(a). 

35 U.S.C. §112, second paragraph rejection
The following is a quotation of the second paragraph of 35 U.S.C. 112: 

The specification shall conclude with one or more claims particularly pointing out and distinctly 
claiming the subject matter which the applicant regards as his invention. 

Claims 1 - 17 are rejected under 35 U.S.C. 112, second paragraph, as being
indefinite for failing to particularly point out and distinctly claim the subject matter which
the applicant regards as the invention.

Claim 1, lines 2, 19 and 21 recite "operative of . . ." and "operative to . . ." The
metes and bounds of claim 1 that the applicant intends are unclear, since claim 1 appears
to cover anything and everything that is "operative of" or "operative to" perform the
recited limitations.

35 U.S.C. §103 rejection 
The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made.

The factual inquiries set forth in Graham v. John Deere Co., 383 U.S. 1, 148
USPQ 459 (1966), that are applied for establishing a background for determining
obviousness under 35 U.S.C. 103(a) are summarized as follows:

1. Determining the scope and contents of the prior art.

2. Ascertaining the differences between the prior art and the claims at issue.

3. Resolving the level of ordinary skill in the pertinent art.

4. Considering objective evidence present in the application indicating
obviousness or nonobviousness.

Claims 1 - 3, 5, 6, and 10 - 17 

Claims 1 - 3, 5, 6, and 10 - 17 (effective filing date: August 25, 2003) are 
rejected under 35 USC 103 (a) as being obvious over Williams et al. (published 
application US 2005/0257267 A1) (effective filing date: Feb. 14, 2003) (hereafter 
"Williams") in view of Lin (U.S. Patent number 6,542,508) (issued on April 1, 2003). 

With respect to independent claim 1, Williams discloses [a] system for
synchronizing a plurality of network policies amongst a plurality of network 
nodes, the plurality of network policies operative of the plurality of nodes to 
regulate data traffic through the plurality of nodes (paragraph [0010], lines 1 -4: 
"the present invention is directed to a network auditing system for auditing the security 
of a data communications network. The system includes a first server configuring 
policies . . ."), the system comprising: 

an ordered plurality of classifications of the plurality of network policies 
(paragraph [0080], lines 3-4: "The policy directory 60 may organize individual policies
76 into different policy categories."), the ordered plurality of classifications including

a first one or more classifications identifying policies enabling collusion
between the plurality of network nodes (paragraph [0080], lines 5-7: "a custom
policy category 64 may include policies that have been customized to meet the needs of
the particular global network.") to support a common database of network policies
(paragraph [0061], lines 1, 2-3, and 8-9: "The audit repository 14 stores . . . security
and regulatory policies, . . . The audit repository 14 may be implemented as part of the
database server 11.. ."),

a plurality of local policy databases, each of the plurality of local policy
databases residing on a respective node in the plurality of nodes (paragraph
[0062], first four lines: "The audit servers 12 are preferably strategically deployed
around the global network to gather facts about wired 16 or wireless 22 local networks
within the global network"), each of the local policy databases further including a
plurality of policy instances operative on the respective node (paragraph [0069],
lines 1 - 4: "The P&V engine 34 analyzes data gathered by the audit servers 12 and
determines whether the audited networks comply with established security and
regulation policies."); and

a plurality of synchronization processes resident on the plurality of nodes,
the plurality of synchronization processes operative to minimize a convergence
time between the plurality of local databases and the common database of
network policies (paragraph [0062], lines 4-8: "the audit servers 12 are configured to
gather facts relating to the wired and/or wireless 22 local networks using heterogeneous
information sources. Such information sources may include scanners, . . .") (paragraph
[0062], lines 9-13: "The data gathered by each information source is converted . . .
and stored in the audit repository 14 for access by the compliance server 10."), wherein
the plurality of synchronization processes are further operative to map network
policies received at the respective node to the ordered plurality of classifications
(paragraph [0207], lines 4-9: "an audit is generated by providing ... a list of network
groups to be audited 704, an optional list of policies 706 selected from the policy
directory 60 (FIG. 4) against which the audit is to be analyzed 706, and a selection of
scanners 702 for performing the audit.") (paragraph [0080], lines 3-4: "The policy
directory 60 may organize individual policies 76 into different policy categories.").

Williams does not appear to explicitly disclose:

a second one or more classifications identifying policies for compressing 
or expanding information passed amongst the plurality of nodes, 

a third one or more classifications including policies for route distribution 
and selection in the plurality of nodes; 

However, Lin discloses in column 1, lines 44 - 50: "the process of flow
classification and action processing may repeat for many iterations as multiple policies
are activated at the same time. For example, a VPN (virtual private network) application
may comprise . . . IPCOMP (IP compression) policy, NAT (Network Address
Translation) Policy, . . ."

Williams and Lin are analogous art because they are from the same field of 
endeavor: network policies. At the time of the invention, it would have been obvious to 
one of ordinary skill in the art, having the teachings of Williams and Lin before him or 
her, to modify the "policy directory 60" of Williams to include the "IPCOMP (IP 
compression) policy" and "NAT (Network Address Translation) Policy" of Lin because 
these two policies set rules for sending network packets to their correct destinations. 

The suggestion for doing so would have been Lin, column 1, lines 38 - 41: "each
packet compared with potentially hundreds of rules in order to find the matching one
and determine the proper action specifications."

Therefore, it would have been obvious to combine Lin with Williams to obtain the
invention as specified in claim 1.

With respect to dependent claim 2, Williams teaches [t]he system of claim 1, 
wherein the plurality of nodes are distributed across one or more wide area 
networks (paragraph [0059], lines 2-5: "The global network may include a plurality of 
internal networks 16 coupled to each other over a public internet 18 or a private wide 
area network 20."). 

With respect to dependent claim 3, Williams teaches [t]he system of claim 1, 
wherein the plurality of nodes are at least partially packet-switched (paragraph
[0015]: "the one or more second servers are coupled to one or more dynamically 
configurable packet filters."). 

With respect to dependent claim 5, Williams teaches [t]he system of claim 1, 
wherein the plurality of nodes at least partially overlap one or more autonomous 
systems (paragraph [0062], first four lines: "The audit servers 12 are preferably 
strategically deployed around the global network to gather facts about wired 16 or 
wireless 22 local networks within the global network."). 



With respect to dependent claim 6, Williams teaches [t]he system of claim 1, 
wherein the plurality of nodes at least partially overlap two or more autonomous
systems (paragraph [0062], first four lines: "The audit servers 12 are preferably 
strategically deployed around the global network to gather facts about wired 16 or 
wireless 22 local networks within the global network."). 

With respect to dependent claim 10, Williams teaches [t]he system of claim 1, 
wherein the first one or more classifications further identifies policies for 
validating network information exchanged amongst the plurality of nodes
(paragraph [0061], lines 1-3: "The audit repository 14 stores . . . security and
regulatory policies, . . ."). 

With respect to dependent claim 11, Williams teaches [t]he system of claim 1,
wherein the first one or more classifications further identifies policies for
validating information exchanged amongst the plurality of nodes for security
(paragraph [0061], lines 1-3: "The audit repository 14 stores . . . security and
regulatory policies, . . ."). 

With respect to dependent claim 12, Williams teaches [t]he system of claim 11, 
wherein the first one or more classifications further identifies policies for 
validating information exchanged amongst the plurality of nodes for conformance 
to syntax (paragraph [0107], lines 4-7: "The scan harness 212 provides a common 
interface that allows the audit server 12 to uniformly communicate with the scanners, 
even if they are heterogeneous in kind.").

With respect to dependent claim 13, Williams teaches [t]he system of claim 11, 
wherein the first one or more classifications further identifies policies for 
validating information exchanged amongst the plurality of nodes for appropriate 
syntax (paragraph [0107], lines 4-7: "The scan harness 212 provides a common 
interface that allows the audit server 12 to uniformly communicate with the scanners, 
even if they are heterogeneous in kind."). 

With respect to dependent claim 14, Lin teaches [t]he system of claim 11, 
wherein the first one or more classifications further identifies policies for 
ensuring that information received at the respective node has arrived intact from 
a trusted source (column 3, lines 46, 48 - 50: "The action specification 203b can be
. . . as complicated as IPSec encryption rules based on a SA (Security Association)
specification."). 

With respect to dependent claim 15, Williams teaches [t]he system of claim 1, 
wherein the first one or more classifications further identifies policies for 
validating security of information exchanged amongst the plurality of nodes
(paragraph [0061], lines 1 - 3: "The audit repository 14 stores . . . security and
regulatory policies, . . .").

With respect to dependent claim 16, Williams teaches [t]he system of claim 1,
further comprising: a plurality of consistency enforcement processes resident on 
the plurality of nodes, the plurality of consistent enforcement processes ensuring 
internal consistency of the plurality of local databases (paragraph [0062], lines 4 - 
8: "the audit servers 12 are configured to gather facts relating to the wired and/or 
wireless 22 local networks using heterogeneous information sources. Such information 
sources may include scanners, . . .") (paragraph [0069], first four lines: "The P&V
engine 34 analyzes data gathered by the audit servers 12 and determines whether the
audited networks comply with established security and regulation policies.").

With respect to dependent claim 17, Williams teaches [t]he system of claim 1, 
wherein each of the plurality of nodes includes one or more routers (paragraph 
[0197], lines 1 and 3: "Exemplary host property specifications include . . . router host 
properties, . . ."). 

Claim 4 

Claim 4 (effective filing date: August 25, 2003) is rejected under 35 USC 103 (a) 
as being obvious over Williams et al. (published application US 2005/0257267 A1) 
(effective filing date: Feb. 14, 2003) (hereafter "Williams") in view of Lin (U.S. Patent 
number 6,542,508) (issued on April 1, 2003), and further in view of the following web
page published by Jeffrey K. MacKie-Mason and archived on January 15, 1998
(hereafter "JKMM"):
http://web.archive.org/web/19980115173039/http://www.press.umich.edu/iep/works/node24.html

Williams and Lin disclose [t]he system of claim 1, . . .

Williams and Lin do not appear to explicitly disclose wherein the plurality of
nodes are at least partially cell-switched.

However, JKMM discloses in lines 3-4: "Cell switching closely resembles
packet switching in that it breaks a data stream into packets which are then placed on 
lines that are shared by several streams." 

Williams, Lin, and JKMM are analogous art because they are from the same field 
of endeavor: network design. At the time of the invention, it would have been obvious to 
one of ordinary skill in the art, having the teachings of Williams, Lin, and JKMM before 
him or her, to modify the global network of Williams to include the cell switching of 
JKMM because the combination would have limited communication delays. 

The suggestion/motivation for doing so would have been JKMM, lines 4-6: 
"One major difference is that cells have a fixed size while packets can have different 
sizes. This makes it possible in principle to offer bounded delay guarantees (since a 
cell will not get stuck for a surprisingly long time behind an unusually large packet)." 

Therefore, it would have been obvious to combine JKMM with Williams and Lin to 
obtain the invention as specified in claim 4. 

Claims 7 and 9 

Claims 7 and 9 (effective filing date: August 25, 2003) are rejected under 35 USC 
103 (a) as being obvious over Williams et al. (published application US 2005/0257267 
A1) (effective filing date: Feb. 14, 2003) (hereafter "Williams") in view of Lin (U.S. Patent
number 6,542,508) (issued on April 1, 2003), and further in view of MeLampy et al.
(published application US 2002/0112073 A1) (published on August 15, 2002) (effective
filing date: December 11, 2000) (hereafter "MeLampy").

Williams and Lin disclose [t]he system of claim 1, . . . 

Williams and Lin do not appear to explicitly disclose wherein the plurality of 
nodes communicate at least partially via an Interior Gateway Protocol and 
wherein the plurality of nodes communicate at least partially via Border Gateway 
Protocol (BGP).

However, MeLampy discloses in paragraph [0014], last four lines: "In data
networks, protocols such as border gateway protocol (BGP), interior gateway protocol
(IGP), open shortest path first (OSPF), etc., are used to determine link states and
routes." 

Williams, Lin, and MeLampy are analogous art because they are from the same 
field of endeavor: network policies. At the time of the invention, it would have been 
obvious to one of ordinary skill in the art, having the teachings of Williams, Lin, and 
MeLampy before him or her, to modify the local networks of Williams to include the 
Interior Gateway Protocol and Border Gateway Protocol of MeLampy because the 
combination would have resulted in links between routers capable of communicating 
signals. 

The suggestion for doing so would have been MeLampy, paragraph [0014], first 
four lines: "To ensure that the network elements (e.g., switches in the telephone 
network, routers in the data network) can perform their associated tasks, they must
know the status of adjacent communication links and available routes . . ." 

Therefore, it would have been obvious to combine MeLampy with Williams and 
Lin to obtain the invention as specified in claims 7 and 9. 

Claim 8 

Claim 8 (effective filing date: August 25, 2003) is rejected under 35 USC 103 (a) 
as being obvious over Williams et al. (published application US 2005/0257267 A1) 
(effective filing date: Feb. 14, 2003) (hereafter "Williams") in view of Lin (U.S. Patent 
number 6,542,508) (issued on April 1, 2003), and further in view of MeLampy et al.
(published application US 2002/0112073 A1) (published on August 15, 2002) (effective
filing date: December 11, 2000) (hereafter "MeLampy"). 

Williams and Lin disclose [t]he system of claim 1, . . . 

Williams and Lin do not appear to explicitly disclose wherein the plurality of 
nodes communicate at least partially via an Exterior Gateway Protocol.

However, MeLampy discloses in paragraph [0055], lines 8-12: "As known in the 
art, an autonomous system is a set of routers under a single technical administration, 
using an interior gateway protocol and common metrics to route packets within the AS, 
and using an exterior gateway protocol . . ."

Williams, Lin, and MeLampy are analogous art because they are from the same 
field of endeavor: network policies. At the time of the invention, it would have been 
obvious to one of ordinary skill in the art, having the teachings of Williams, Lin, and 
MeLampy before him or her, to modify the local networks of Williams to include the
Exterior Gateway Protocol of MeLampy because the combination would have resulted 
in links between networks capable of communicating signals. 

The suggestion for doing so would have been MeLampy, paragraph [0055], lines 
12 - 13: "... to route packets to other [Autonomous Systems]" 

Therefore, it would have been obvious to combine MeLampy with Williams and 
Lin to obtain the invention as specified in claim 8. 

Contact Information 

The prior art made of record, listed on form PTO-892, and not relied upon, if any, 
is considered pertinent to the applicant's disclosure. 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Harold A. Hotelling whose telephone number is (571) 
270-1293. The examiner can normally be reached between 7:00 a.m. - 5:30 p.m. 
Monday through Thursday. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Charles Rones, can be reached on (571) 272-4085. The fax phone number 
for the organization where this application or proceeding is assigned is 703-837-8902. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a 
USPTO Customer Service Representative or access to the automated information 
system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 